Last one for 0.4

For the last Pull Request I wasn’t quite sure how to handle it since the within the comments of the issue told him the same. You shouldn’t handle the IPs through the program, but through your firewall. But the gentleman insisted of making this available through the software so I wanted to give it a shot.

The program itself already has it’s own whitelisting (Prevent IPs from being banned) and blacklisting (If the ip is found within the list, kick them out) so why not piggy back off of whats already there?

A function IsBanned() is run when ever an IP connects and returns whether the it’s found within the black list. To start everything off, I just added a configuration within the PolicyServer configuration they have, add a boolean config flag for WhiteListOnly and checked the flag within that function. The function for checking an IP within the whitelist already exists as well, so might as well use that and now we’re basically done!

But what about the whitelist IP’s? How do you populate it? Well, after asking around, it’s apparently populated within their redis key/value store. They’d normally manually add values to the whitelist key and be done with it, but I wanted to give another option. I made their API server listen for a POST request to add to the whitelist.

I created within their API server a listener for a new function :r.HandleFunc("/api/whitelist", s.AddToWhiteListIndex) Once the handler was made, I created a function that would be used to reply and handle the new IPs. Created the header information, pulled the POST request body and changed it to a struct that I listed above: type WhiteList struct { IPs []string 'json: "ips"' }now with the POST body, I can change it to that struct and loop through the IP array.

I added a simple regex expression to check for a valid IP address, used the existing AddToWhiteList() function and through it all in as I was looping. Once the loops finished, return a success and their new IPs should be populated within their whitelist.

Now depending on where the gentleman is hosting the server, he doesn’t have to manually go into redis to populate the whitelist and can do it through the new API endpoint I created with his list of IPs. Success — He actually closed the ticket a couple days ago, but maybe he’ll get a notification and gets to try this out (: .